<?php

namespace Ruben\Aliyun;
use Sts\Request\V20150401 as Sts;

class StsServer
{
    private $accessKey;
    private $accessSecret;
    private $roleArn;

    public function __construct($config)
    {
        $this->accessKey = $config['access_key'];
        $this->accessSecret = $config['access_secret'];
        $this->roleArn = $config['role_arn'];
    }


    public function getStsToken()
    {
        require('aliyun-openapi-php-sdk/aliyun-php-sdk-core/Config.php');
        \Autoloader::addAutoloadPath('aliyun-php-sdk-mts');

        $iClientProfile = \DefaultProfile::getProfile('cn-shenzhen', $this->accessKey, $this->accessSecret);
        $client = new \DefaultAcsClient($iClientProfile);
        $request = new Sts\AssumeRoleRequest();
        $request->setRoleSessionName("rubentools");
        $policy = <<<POLICY
{
    "Statement": [
      {
        "Action": "oss:*",
        "Effect": "Allow",
        "Resource": "*"
      }
    ],
    "Version": "1"
}
POLICY;
        $request->setRoleArn($this->roleArn);
        $request->setPolicy($policy);
        $request->setDurationSeconds(3600);
        $response = $client->getAcsResponse($request);
        return json_encode($response->Credentials); 
    }
}
